i always get this error when i run this
"You do not appear to be connected to the internet. Kindly connect before clicking 'OK' "
then i click OK and this error comes up
"Failed to download required files. Aborting... Shall continue scanning for malware
ComboFix 10-06-12.04 - Valued Customer 06/13/2010 15:53:53.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.186 [GMT -4:00]
Running from: c:\documents and settings\Valued Customer\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Valued Customer\Desktop\CFScript.txt
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton AntiVirus *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--------------- FCopy ---------------
c:\windows\servicepackfiles\i386\afd.sys --> c:\windows\system32\drivers\afd.sys
.
((((((((((((((((((((((((( Files Created from 2010-05-13 to 2010-06-13 )))))))))))))))))))))))))))))))
.
2010-06-13 19:53 . 2008-04-13 19:19 138112 -c--a-w- c:\windows\system32\dllcache\afd.sys
2010-06-13 19:53 . 2008-04-13 19:19 138112 ----a-w- c:\windows\system32\drivers\afd.sys
2010-06-13 15:45 . 2010-06-13 15:45 -------- d-----w- C:\_OTL
2010-06-13 15:17 . 2010-06-13 15:17 388096 ----a-r- c:\documents and settings\Valued Customer\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-13 01:08 . 2010-06-13 01:09 -------- d-----w- c:\program files\ERUNT
2010-06-11 04:39 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 04:39 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-11 04:39 . 2010-06-11 04:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 00:37 . 2010-06-11 01:06 -------- d-----w- C:\ERDNT
2010-06-10 03:40 . 2010-06-10 03:40 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Malwarebytes
2010-06-10 03:28 . 2010-06-10 03:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-10 02:48 . 2010-06-10 02:48 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-06-10 02:20 . 2010-06-10 02:20 -------- d-----w- c:\windows\system32\scripting
2010-06-10 02:19 . 2010-06-10 02:20 -------- d-----w- c:\windows\l2schemas
2010-06-10 02:19 . 2010-06-10 02:19 -------- d-----w- c:\windows\system32\en
2010-06-10 01:38 . 2010-06-10 01:38 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-06-10 01:27 . 2010-06-10 01:27 -------- d-sh--w- c:\documents and settings\Valued Customer\PrivacIE
2010-06-10 01:25 . 2010-06-10 01:25 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-06-10 01:19 . 2010-06-10 01:19 -------- d-sh--w- c:\documents and settings\Valued Customer\IETldCache
2010-06-10 01:03 . 2010-06-10 01:11 -------- dc-h--w- c:\windows\ie8
2010-06-09 00:34 . 2010-06-09 00:34 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-06-08 22:41 . 2010-06-11 02:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-08 22:41 . 2010-06-08 23:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-08 22:36 . 2010-06-08 22:36 -------- d-----w- c:\program files\CCleaner
2010-06-08 22:03 . 2010-06-08 22:03 -------- d-----w- c:\program files\Trend Micro
2010-06-08 02:18 . 2010-06-08 02:18 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-08 00:55 . 2010-06-08 00:55 -------- d-----w- c:\documents and settings\Valued Customer\Local Settings\Application Data\Threat Expert
2010-06-07 19:42 . 2010-06-12 03:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 10:25 . 2005-09-02 11:46 -------- d-----w- c:\program files\Google
2010-06-10 02:26 . 2003-02-07 02:06 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-06-08 23:13 . 2003-02-07 03:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-06-08 23:13 . 2003-02-07 03:33 -------- d-----w- c:\program files\Common Files\AOL
2010-06-08 23:12 . 2005-07-16 22:12 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Aim
2010-06-08 23:01 . 2010-03-15 01:37 -------- d-----w- c:\program files\Microsoft
2010-06-08 22:59 . 2003-02-07 02:42 -------- d-----w- c:\program files\Real
2010-06-08 22:58 . 2003-02-07 02:42 -------- d-----w- c:\program files\Common Files\Real
2010-06-06 15:54 . 2003-02-07 03:35 -------- d-----w- c:\program files\QuickTime
2010-06-06 15:21 . 2009-09-16 22:26 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\Skype
2010-06-06 14:06 . 2009-09-16 22:30 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\skypePM
2010-06-05 17:40 . 2008-07-27 20:14 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\ZoomBrowser EX
2010-06-05 17:09 . 2008-07-27 20:12 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\CameraWindowDC
2010-06-05 14:07 . 2005-04-25 22:37 -------- d-----w- c:\documents and settings\Valued Customer\Application Data\MSN6
2010-06-02 21:50 . 2003-02-07 03:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-05-17 00:11 . 2009-12-16 02:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-05-14 22:53 . 2003-02-07 03:37 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-12 17:39 . 2009-12-16 02:08 1808752 ----a-w- c:\documents and settings\All Users\Application Data\Norton\NUA.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/25/2008 9:47 PM 149352]
S2 gupdate1c99060f4e0d8ea;Google Update Service (gupdate1c99060f4e0d8ea);c:\program files\Google\Update\GoogleUpdate.exe [2/16/2009 2:04 PM 133104]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [1/12/2008 10:32 PM 23888]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [9/16/2009 6:08 PM 30560]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 8:04 PM 24652]
.
Contents of the 'Scheduled Tasks' folder
2010-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 18:03]
2010-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 18:03]
2009-09-16 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
- c:\program files\Microsoft LifeCam\LifeExp.exe [2009-03-17 18:24]
2010-06-12 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Valued Customer.job
- c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
FF - ProfilePath - c:\documents and settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\5l8w9y67.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr
ef", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-06-13 16:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3796)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Completion time: 2010-06-13 16:05:37 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-13 20:05
ComboFix2.txt 2010-06-13 17:47
ComboFix3.txt 2010-06-13 16:49
Pre-Run: 139,559,641,088 bytes free
Post-Run: 139,543,662,592 bytes free
- - End Of File - - E2C322FF6FC96B497B2A25111CED017F